Unrated severityNVD Advisory· Published Jan 18, 2024· Updated Jun 17, 2025

Nickname Disclosure on the Backend Automotive Server

CVE-2023-28900

Description

The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Skoda/Skoda Connectllm-fuzzy
Škoda Auto/Škoda Connectv5
Range: 0

Patches

Vulnerability mechanics

References

asrg.io/security-advisories/cve-2023-28900mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000